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DETAILED ACTION 

This action is in response to the amendment filed on August 28, 2007 in which claims 1, 
3, 7, 14, and 16 were amended. Claims 2, 1 1 , 19, and 21 - 26 were cancelled. 

i 

Status of Claims 

Claims 1, 3 - 10, 12 - 18, and 20 are pending, of which, claims 1, 7, 14, and 16 are 
independent claims. 

Claim Rejections - 35 USC § 103 

1. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1, 3 - 10, 12 - 18, and 20 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Drabik (US 2005/0193103 A1) in view of Ramanathan (US 
2005/0066086 A1). 

Regarding claim 1, Drabik discloses a method of configuring a node for virtual 
private network operation by determining virtual private network settings associated with 
the node and at least one remote device (Drabik: Page 2, Section 0022: methods are 
provided to identify a specific participant in a virtual private network (VPN)); formatting 
the virtual private network settings (Drabik: Page 2, Section 0022: the method allows 
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remote update of the secure carrier device, to allow network changes, updates, and 
reconfigurations, with an associated changeover time, or with time-restricted access to 
the VPN. It is further possible to completely change the characteristics of the VPN, for 
all participants, at a specified time); and providing the message, including information 
about the virtual private network settings, to the node over a network (Drabik: Page 2, 
Section 0022: the method allows remote update of the secure carrier device, to allow 
network changes, updates, and reconfigurations, with an associated changeover time, 
or with time-restricted access to the VPN. It is further possible to completely change the 
characteristics of the VPN, for all participants, at a specified time). However, Drabik 
fails to teach the message is in universal plug and play format. In the same field of 
endeavor, Ramanathan discloses the use of the universal plug and play protocol in a 
device/architecture that can include various logical interfaces provided over a physical 
network interface, such as a virtual private network (Ramanathan: Page 3, Section 42). 
Thus, it would have been obvious to one of ordinary skill in the art at the time of the 
invention to incorporate the universal plug and play into the network of Drabik. The 
motivation would have been in providing a seamless proximity networking in term of 
control and data transfer among networked devices. 

Regarding claim 3, Drabik and Ramanathan disclose all the limitations of claim i. 
Additionally, Drabik discloses a method includes receiving at a gateway device request 
from the node (Drabik: Page 6, Section 0082: when a device is inserted into a 
configuration programming interface devices, it will be automatically detected or the 
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virtual private network control station operator may manually indicate it); determining 
whether a virtual private network (VPN) tunnel is available for the node (Drabik: Page 
15, Sections 0154 and 0155), and if a virtual private network tunnel is available for that 
node, transmitting the VPN settings to the node using an Internet Protocol address if a 
virtual private network tunnel is available for that node (Drabik: Page 3, Sections 0035 
and 0036). However, Drabik fails to disclose the use of the universal plug and play 
using the extensible markup language protocol format. In the same field of endeavor, 
Ramanathan discloses the use of universal plug and play, which is based on a number 
of standard protocols including Extensible Markup Language, to provide device 
connectivity (Ramanathan: Page 3, Section 0045). Thus, it would have been obvious to 
one of ordinary skill in the art at the time of the invention to incorporate the universal 
plug and play into the network of Drabik. The motivation would have been in providing 
a seamless proximity networking in term of control and data transfer among networked 
devices. 

Regarding claim 4, Drabik discloses all the limitations of claim 3. Additionally, 
Drabik discloses the transmission of a message to other node, by a virtual private 
network repository node coupled to the private network, informing the other node that 
the virtual private network settings is available (Page 9, Section 0102: if programming a 
client virtual private network device results in a configuration change to the host virtual 
private network gateways, the operator will be prompted to retrieve the virtual private 
network configuration device for reprogramming with the new configuration parameters). 
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Regarding claim 5, Drabik discloses all the limitations of claim 4. Additionally, 
Drabik discloses the request to download the virtual private network settings to the node 
(Page 9, Section 0102: if the configuration of a virtual private network device results in a 
configuration change to the host virtual private network router or gateway, the virtual 
control station will prompt the operator of that node to retrieve the virtual private network 
configuration device for reprogramming with the new configuration parameters). 

Regarding claim 6, Drabik and R disclose all the limitations of claim 5. 
Additionally, Drabik discloses the confirming that the node is authorized to operate on 
the virtual private network (Figure 2, Box 202 and Box 209; Page 8, Section 0100; and 
Page 9, Section 0102: the unique identification number for virtual private network 
(VPN) configuration device is read, and the key value is compare to virtual private 
network configuration database entries. Furthermore, the written configuration settings 
are read back to verify. If the contents do not match the expected value, the verification 
process will be repeated for a certain number of times before the device is rejected. 
Once the device is rejected, the associated key entry is removed from the configuration 
databases). 

Regarding claim 7, Drabik discloses a virtual private network gateway comprising 
a communication adaptor coupled to a network (Figure 7: network interface 712); a 
processor coupled to the communication adaptor (Figure 7: processor 700) to transmit 
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virtual private network settings to another node coupled to the network in a common 
format for automatic exchange of information between networked devices (Figures 1 
and 2, Box 208; Page 6, Section 0083: when a VPN configuration device is inserted 
into a programming device (Figure 1 : 105 or 1 10), it may be automatically detected by a 
daemon process (a background computer process) or an equivalent detection 
mechanism. Upon such a detection, the VPN control station contains software that 
reads the configuration database and other relevant databases, determines a non- 
conflicting configuration of a network settings for a particular VPN client, and then writes 
, the resulting VPN settings to the VPN configuration device). However, Drabik fails to 
teach that the common format is universal plug and play. In the same field of endeavor, 
Ramanathan discloses the use of the universal plug and play protocol in a 
device/architecture that can include various logical interfaces provided over a physical 
network interface, such as a virtual private network (Ramanathan: Page 3, Section 42). 
Thus, it would have been obvious to one of ordinary skill in the art at the time of the 
invention to incorporate the universal plug and play into the network of Drabik. The 
motivation would have been in providing a seamless proximity networking in term of 
control and data transfer among networked devices. 

Regarding claim 8, Drabik discloses all the limitations of claim 7. Additionally, 
Drabik discloses the network is a private network (Figures 1 and 7: the virtual private 
network control station 102 is connected to CorporateLAN 103, a private network). 
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Regarding claim 9, Drabik discloses all the limitations of claim 7. Additionally, 
Drabik discloses the network is a local area network (Figures 1 and 7: the virtual private 
network control station 102 is connected to CorporateLAN 103, a local area network). 

Regarding claim 10, Drabik discloses all the limitations of claim 7. Additionally, 
Drabik discloses the network is a wide area network (Figures 1 and 7: the virtual private 
network control station 102, connected to CorporateLAN 103, is part of a wide area 
network). 

Regarding claim 12, Drabik discloses all the limitations of claim 7. Additionally, 
Drabik discloses that the processor transmits a message to other node informing the 
other node that virtual private network information is available from the virtual private 
network gateway (Page 9, Section 0102: if programming a client virtual private network 
device results in a configuration change to the host virtual private network gateways, the 
operator will be prompted to retrieve the virtual private network configuration device for 
reprogramming with the new configuration parameters). 

Regarding claim 13, Drabik discloses all the limitations of claim 7. Additionally, 
Drabik discloses that the processor confirms that the other node is authorized to 
operate on the virtual private network (Figure 2, Box 202 and Box 209; Page 8, Section 
0100; and Page 9, Section 0102: the unique identification number for virtual private 
network (VPN) configuration device is read, and the key value is compare to virtual 
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private network configuration database entries. Furthermore, the written configuration 
settings are read back to verify. If the contents do not match the expected value, the 
verification process will be repeated for a certain number of times before the device is 
rejected. Once the device is rejected, the associated key entry is removed from the 
configuration databases). 

Regarding claim 14, Drabik discloses a virtual private network gateway 
comprising a communication adaptor coupled to a network (Figure 7: network interface 
712); a processor coupled to the communication adaptor (Figure 7: processor 700) to 
transmit virtual private network settings to another node coupled to the network in a 
common format for automatic exchange of information between networked devices 
(Figures 1 and 2, Box 208; Page 6, Section 0083: when a VPN configuration device is 
inserted into a programming device (Figure 1: 105 or 110), it may be automatically 
detected by a daemon process or an equivalent detection mechanism. Upon such a 
detection, the VPN control station contains software that reads, the configuration 
database and other relevant databases, determines a non-conflicting configuration of a 
network settings for a particular VPN client, and then writes the resulting VPN settings 
to the VPN configuration device); and a storage device coupled to the processor to 
contain the virtual private network settings (Figure 7: a storage unit 709 connected to 
the processor 700 and a VPN configuration database 710 resided in storage unit 709). 
In the same field of endeavor, Ramanathan discloses the use of the universal plug and 
play protocol in a device/architecture that can include various logical interfaces provided 
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over a physical network interface, such as a virtual private network (Ramanathan: Page 
3, Section 42). Thus, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to incorporate the universal plug and play into the network of 
Drabik. The motivation would have been in providing a seamless proximity networking 
in term of control and data transfer among networked devices. 

Regarding claim 15, Drabik discloses all the limitations of claim 14. Additionally, 
Drabik discloses that the processor in the virtual private network (VPN) control station 
retrieves the VPN settings from the storage device and transmit the settings to other 
node (Page 6, Section 0083: the processor reads the configuration database and the 
information in the virtual private network configuration database, determines the VPN 
settings and writes the settings to the virtual private network configuration device). 
However, Drabik fails to teach that universal plug and play is used in the communication 
among network devices. * 

In the same field of endeavor, Ramanathan discloses the implementation of 
universal plug and play in network devices that can be used in a virtual private network 
(Ramanathan, Page 3, Section 0042). Thus, it would have been obvious to one of 
ordinary skill in the art at the time of the invention to incorporate the universal plug and 
play into the network of Drabik. The motivation would have been in providing a 
seamless proximity networking in term of control and data transfer among networked 
devices. 



Application/Control Number: 10/743,226 Page 10 

Art Unit: 4135 

Regarding claim 16, Drabik and Ramanathan disclose a virtual private network 
node (Drabik: Figure 1: a virtual private network router or gateway 112) comprising a 
communication adaptor coupled to a network (Drabik: Figure 9: network interfaces 909 
and 91 1 ); and a processor coupled to the communication adaptor (Drabik: Figure 9: 
processor 900) to (1) receive virtual private network settings from another node coupled 
to the network in a common format for automatic exchange of information between 
networked devices (Drabik: Figure 3 and Page 15, Section 0155: once the daemon 
process (a background process running in the processor) detects the presence of a 
virtual private network configuration device, it extracts the configuration 
database/settings from the configuration device), and (2) establish a virtual private 
network with a remote device in accordance with the received settings (Drabik: Page 
. 15, Section 0155: if the settings are verified, the virtual private network (VPN) 
configurations is performed using those settings, and the VPN process is started). 
However, Drabik fails to teach that universal plug and play is used in the communication 
among network devices. 

In the same field of endeavor, Ramanathan discloses the implementation of 
universal plug and play in network devices that can be used in a virtual private network 
(Ramanathan, Page 3, Section 0042). Thus, it would have been obvious to one of 
ordinary skill in the art at the time of the invention to incorporate the universal plug and 
play into the network of Drabik. The motivation would have been in providing a 
seamless proximity networking in term of control and data transfer among networked 
devices. 
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Regarding claim 17, Drabik discloses all the limitations of claim 16. Additionally, 
Drabik discloses the network is a local area network (Figures 1 and 9: virtual private 
network 1 12 is connected to CorporateLAN 103, a local area network). 

Regarding claim 18, Drabik discloses all the limitations of claim 16. Additionally, 
Drabik discloses the network is a wide area network (Figures 1 and 9: the virtual private 
network gateway 112, connected to CorporateLAN 103 and Private Connecting Network 
100, is part of a wide area network). 

Regarding claim 20, Drabik discloses all the limitations of claim 16. Additionally, 
Drabik discloses that the processor transmits a message to the other node requesting 
that virtual private network information be downloaded (Page 9, Section 0102: if 
programming a client virtual private network device results in a change in the virtual 
private network configuration, the operator will be prompted to retrieve the virtual private 
network configuration device for reprogramming with the new configuration parameters). 
However, Drabik fails to teach that universal plug and play is used in the communication 
among network devices. 

In the same field of endeavor, Ramanathan discloses the implementation of 
universal plug and play in network devices that can be used in a virtual private network 
(Ramanathan, Page 3, Section 0042). Thus, it would have been obvious to one of 
ordinary skill in the art at the time of the invention to incorporate the universal plug and 
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play into the network of Drabik. The motivation would have been in providing a 
seamless proximity networking in term of control and data transfer among networked 
devices. 

Response to Arguments 

3. Applicant's arguments filed August 28, 2007 have been fully considered but they 
are not persuasive. Applicant argued: 

(a) . Regarding claim 1, the combination of Drabik and Ramanathan fail to 
discloses or suggest the determination of virtual private network settings for a node and 
at least one remote device; the formatting of the virtual private network settings in a 
universal plug and play message format; and the availability of the virtual private 
network settings to the node over a network. 

(b) . Regarding claim 1, the combination of Drabik and Ramanathan fail to 
disclose formatting information or providing a universal plug and play message using 
virtual private network settings. 

(c) . Regarding claim 1 , the motivation provided in the Office Actions ("providing a 
seamless proximity networking in term[s] of control and data transfer among networked 
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devices") would not lead one of ordinary skill in the art to modify the prior art references 
by Drabik and Ramanathan to produce the invention. 

(d) . Regarding claim 1, the absence of a convincing motivation in the prior art 
references by Drabik and Ramanathan and the motivation to combine the prior art 
references is a hindsight reconstruction. 

(e) . Regarding claim 3, the combination of Drabik and Ramanathan fail to 
disclose or suggest such a universal plug and play virtual private network request. 

Regarding (a), Drabik discloses a method and apparatus for automatic 
configuration and management of a virtual private network as well as a method and 
apparatus for delivery of virtual private network configuration parameters to client 
equipment. The Plug and Play provides the ability for a user to plug a device into a 
system and to allow the system to recognize the connection. The function of this 
automatic discovery of an inserted device is discussed in Drabik. Therefore, the 
functionality of the universal plug and play is implicitly discussed. Moreover, the use of 
the universal plug and play message format may be used in the system of Drabik. This 
point is further suggested by Ramanathan (Ramanathan: page 3, section 0042). 



Application/Control Number: 10/743,226 Page 14 

Art Unit: 4135 

Regarding (b), Drabik discloses a method and apparatus for automatic 
configuration and management of a virtual private network as well as a method and 
apparatus for delivery of virtual private network configuration parameters to client 
equipment. The Plug and Play provides the ability for a user to plug a device into a 
system and to allow the system to recognize the connection. The function of this 
automatic discovery of an inserted device is discussed in Drabik. Therefore, the 
functionality of the universal plug and play is implicitly discussed. Moreover, the use of 
the universal plug and play message format may be used in the system of Drabik. This 
point is further suggested by Ramanathan (Ramanathan: page 3, section 0042). 

Regarding (c), the rationale of the motivation is complete and proper in view of 
the established standards for the rejections under 35 U.S.C. 103(a). The factual 
inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ459 (1966), that 
are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

Regarding (d), in response to applicant's argument that the examiner's 
conclusion of obviousness is based upon improper hindsight reasoning, it must be 
recognized that any judgment on obviousness is in a sense necessarily a reconstruction 
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based upon hindsight reasoning. But so long as it takes into account only knowledge 
which was within the level of ordinary skill at the time the claimed invention was made, 
and does not include knowledge gleaned only from the applicant's disclosure, such a 
reconstruction is proper. See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 
1971). 

Regarding (e), Drabik discloses a configuration request either manually inputted 
by an operator or automatic generated when a device is inserted into a configuration 
interface device (Drabik: Page 6, Section 0082). Moreover, Ramanathan suggests the 
use of the plug and play format in virtual private network (Ramanathan: Page 3, Section 
0045). Thus, claim 3 is not allowable based on Drabik and Ramanathan as disclosed 
as above. 

Conclusion 

4. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as Set forth in 37 CFR 1 . 1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 
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